src: exclude node_root_certs when use-def-ca-store #11939
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When configuring node with --openssl-use-def-ca-store the root certs from OpenSSL should be used and not the ones in src/node_root_certs.h. I noticed that src/node_root_certs.h is still included even when using --openssl-use-def-ca-store. This commit adds check and does not include node_root_certs.h if --openssl-use-def-ca-store is specified.
nodejs-github-bot
added
c++
|
First linter job failed because of work in progress in the CI job. Relaunched: https://ci.nodejs.org/job/node-test-linter/7717/ |
mscdex
added
tls
jasnell
added
the
semver-major
|
Marking as semver-major defensively here. @nodejs/crypto thoughts? |
jasnell
approved these changes
Mar 20, 2017
bnoordhuis
approved these changes
Mar 20, 2017
|
Semver-major seems appropriate. Most people would probably consider it a bug fix but since it changes behavior in a way that is not backwards-compatible, semver-major seems right. |
cjihrig
approved these changes
Mar 20, 2017
jasnell
pushed a commit
that referenced
this pull request
Mar 22, 2017
When configuring node with --openssl-use-def-ca-store the root certs from OpenSSL should be used and not the ones in src/node_root_certs.h. I noticed that src/node_root_certs.h is still included even when using --openssl-use-def-ca-store. This commit adds check and does not include node_root_certs.h if --openssl-use-def-ca-store is specified. PR-URL: #11939 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
Landed in be98f26 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When configuring node with --openssl-use-def-ca-store the root certs
from OpenSSL should be used and not the ones in src/node_root_certs.h.
I noticed that src/node_root_certs.h is still included even when
using --openssl-use-def-ca-store.
This commit adds check and does not include node_root_certs.h if
--openssl-use-def-ca-store is specified.
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passesAffected core subsystem(s)
src